Vulnslist

find the latest Cisco vulnerabilities

Multiple Cisco Products SNORT HTTP Detection Engine File Policy Bypass Vulnerability

cisco-sa-ftd-bypass-3eCfd24j · Medium · Published · Updated

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.  This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-bypass-3eCfd24j

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability. Please contact TAC for mitigations.

CVEsCVE-2020-3299
Cisco Bug IDsCSCvq96573, CSCvm69545
CVSS ScoreBase 5.8
Base 5.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco 4000 Series Integrated Services Routers, Cisco UTD SNORT IPS Engine Software, Cisco Firepower Threat Defense Software 6.2.3, Cisco Firepower Threat Defense Software 6.2.3.1, Cisco Firepower Threat Defense Software 6.2.3.2, Cisco Firepower Threat Defense Software 6.2.3.3, Cisco Firepower Threat Defense Software 6.2.3.4, Cisco Firepower Threat Defense Software 6.2.3.5, Cisco Firepower Threat Defense Software 6.2.3.6, Cisco Firepower Threat Defense Software 6.2.3.7, Cisco Firepower Threat Defense Software 6.2.3.8, Cisco Firepower Threat Defense Software 6.2.3.10, Cisco Firepower Threat Defense Software 6.2.3.11, Cisco Firepower Threat Defense Software 6.2.3.9, Cisco Firepower Threat Defense Software 6.2.3.12, Cisco Firepower Threat Defense Software 6.2.3.13, Cisco Firepower Threat Defense Software 6.2.3.14, Cisco Firepower Threat Defense Software 6.2.3.15, Cisco Firepower Threat Defense Software 6.2.3.16, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco Firepower 2100 Series, Cisco 3000 Series Industrial Security Appliances (ISA), Cisco Firepower 9000 Series, Cisco Firepower 4100 Series, Cisco Secure Firewall Threat Defense Virtual

Related Products

Product CVE Evidence
Cisco UTD SNORT IPS Engine Software CVE-2020-3299 Cisco OpenVuln
Cisco Secure Firewall Threat Defense Virtual CVE-2020-3299 Cisco OpenVuln
Cisco Secure Firewall Threat Defense (FTD) Software CVE-2020-3299 Cisco OpenVuln
Cisco Firepower Threat Defense Software CVE-2020-3299 Cisco OpenVuln
Cisco Firepower 9000 Series CVE-2020-3299 Cisco OpenVuln
Cisco Firepower 4100 Series CVE-2020-3299 Cisco OpenVuln
Cisco Firepower 2100 Series CVE-2020-3299 Cisco OpenVuln
Cisco 4000 Series Integrated Services Routers CVE-2020-3299 Cisco OpenVuln
Cisco 3000 Series Industrial Security Appliances (ISA) CVE-2020-3299 Cisco OpenVuln